IETF Logo Mail Archive

Re: [stir] OOB for Service Providers

"Peterson, Jon" <jon.peterson@team.neustar> Fri, 20 March 2020 01:00 UTC

Return-Path: <prvs=4348621b58=jon.peterson@team.neustar>
X-Original-To: stir@ietfa.amsl.com
Delivered-To: stir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B9CB03A13A7 for <stir@ietfa.amsl.com>; Thu, 19 Mar 2020 18:00:47 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.998
X-Spam-Level:
X-Spam-Status: No, score=-1.998 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, HTTPS_HTTP_MISMATCH=0.1, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=team.neustar
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ofq9xTNk-Amg for <stir@ietfa.amsl.com>; Thu, 19 Mar 2020 18:00:40 -0700 (PDT)
Received: from mx0b-0018ba01.pphosted.com (mx0b-0018ba01.pphosted.com [67.231.157.90]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 078603A13AF for <stir@ietf.org>; Thu, 19 Mar 2020 18:00:39 -0700 (PDT)
Received: from pps.filterd (m0049401.ppops.net [127.0.0.1]) by mx0b-0018ba01.pphosted.com (8.16.0.42/8.16.0.42) with SMTP id 02K0ivvl012100; Thu, 19 Mar 2020 21:00:36 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=team.neustar; h=from : to : cc : subject : date : message-id : references : in-reply-to : content-type : mime-version; s=team-neustar; bh=AdPVj7QJdw9I2B7QXDW66vKnQGw6w/vYu52yL/aYs7g=; b=bN1hKMVXYDkyNRQ4HPuMikk2ZVvRtolYUpFr16JuEV8WqnvSb/UsELbpBycFX/pVBQyh BshYiZJhBU34B54R+uM5l8SDSXUNZLwZCiyTvFZcd0I8C6NsxpVl1jSX4Mxu42pFnSXM pqIjTjuU9pF5yUPfVbKPefF48iaYWBca4Sa11Us5jW5BnWx9ocPwHWGzh3J4pYDE/kV9 dUMzulHg3ux55tSrGqKQsuk6xSQCwIIrIKkVZUgw+4SoYS0fz6WFgZ8A8fFoBcTrubFe 1AdoLIV9zpdl9KppKFyEl2hsfnYd4jv9rHeyVpQJ/uX0DnLLhxfiyJUFYczBaYmGvDXN Tg==
Received: from stntexhc10.cis.neustar.com ([156.154.17.216]) by mx0b-0018ba01.pphosted.com with ESMTP id 2yu7623vpd-2 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT); Thu, 19 Mar 2020 21:00:36 -0400
Received: from STNTEXMB103.cis.neustar.com ([fe80::3c08:d7b1:b8d1:dac]) by stntexhc10.cis.neustar.com ([10.31.58.69]) with mapi id 14.03.0439.000; Thu, 19 Mar 2020 20:59:40 -0400
From: "Peterson, Jon" <jon.peterson@team.neustar>
To: Richard Shockey <richard@shockey.us>, Jonathan Rosenberg <jdrosen@jdrosen.net>
CC: "stir@ietf.org" <stir@ietf.org>
Thread-Topic: [stir] OOB for Service Providers
Thread-Index: AQHV+Xrip2oTAfx8hUCxz6kMIrr2iKhIrw8AgAAHLgCAB8orAA==
Date: Fri, 20 Mar 2020 00:59:39 +0000
Message-ID: <88ADD2CB-7EB0-400F-A7CE-E2BC5E5B1625@team.neustar>
References: <9B2AD795-CC46-44E4-A19D-2F708D217F2B@team.neustar> <CA+23+fGutMD9QPCnbHVqsuShYgK9GxGV0PJ_GERuoNzAXM9XuQ@mail.gmail.com> <BEB2E789-9C01-4E0D-BD8F-E9CDBA8C07F0@shockey.us>
In-Reply-To: <BEB2E789-9C01-4E0D-BD8F-E9CDBA8C07F0@shockey.us>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/10.10.12.200112
x-originating-ip: [10.96.14.67]
Content-Type: multipart/alternative; boundary="_000_88ADD2CB7EB0400FA7CEE2BC5E5B1625teamneustar_"
MIME-Version: 1.0
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.138, 18.0.645 definitions=2020-03-19_10:2020-03-19, 2020-03-19 signatures=0
X-Proofpoint-Spam-Reason: orgsafe
Archived-At: <https://mailarchive.ietf.org/arch/msg/stir/SI9XC6F_2TWk54CKE5YqKYGUKeI>
Subject: Re: [stir] OOB for Service Providers
X-BeenThere: stir@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Secure Telephone Identity Revisited <stir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/stir>, <mailto:stir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/stir/>
List-Post: <mailto:stir@ietf.org>
List-Help: <mailto:stir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/stir>, <mailto:stir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 20 Mar 2020 01:00:48 -0000

I do agree that universal in-band end-to-end SIP connectivity is the endgame, and it would obviate the need for a STIR OOB mechanism. This is just a question of whether, given the aggressive timeframes out there, we could use a fallback to deal with the tactical problem of beating robocalls. Like you, I fear that we are going to have to cope with TDM in the network for the foreseeable future.

Jon Peterson
Neustar, Inc.

From: Richard Shockey <richard@shockey.us>
Date: Saturday, March 14, 2020 at 12:02 PM
To: Jonathan Rosenberg <jdrosen@jdrosen.net>, "Peterson, Jon" <jon.peterson@team.neustar>
Cc: "stir@ietf.org" <stir@ietf.org>
Subject: Re: [stir] OOB for Service Providers


The larger question is whether OOB is worth anyone’s time or could we better spend our efforts encouraging more or perhaps even mandating SIP/IMS Interconnection.

From a purely regulatory perspective there are lots of perverse incentives in the US and Canadian systems to discourage SIP an encourage classic TDM.   The US Intercarrier Compensation regime is one example and ongoing dilemma and lack of consensus of which methodology does the industry prefer to handle number translations.  Yes I know..6116 vs the NPAC.

From where I sit that question is coming up more and more.  I certainly don’t object to exploring all the options here since there its clear some jurisdictions are going to have predominantly TDM networks for the foreseeable future.

—

Richard Shockey

Shockey Consulting LLC

Chairman of the Board SIP Forum

www.shockey.us<https://urldefense.com/v3/__http:/www.shockey.us__;!!N14HnBHF!togNaqJ0ImDyAEHnybJt2NI9iD9WmkDtolcx1ixhHHjntQqEyZ9_BdP-tQmQiVWcRlokmQ$>

www.sipforum.org<https://urldefense.com/v3/__http:/www.sipforum.org__;!!N14HnBHF!togNaqJ0ImDyAEHnybJt2NI9iD9WmkDtolcx1ixhHHjntQqEyZ9_BdP-tQmQiVUnOjhrKA$>

richard<at>shockey.us

Skype-Linkedin-Facebook –Twitter  rshockey101

PSTN +1 703-593-2683


From: stir <stir-bounces@ietf.org> on behalf of Jonathan Rosenberg <jdrosen@jdrosen.net>
Date: Saturday, March 14, 2020 at 2:36 PM
To: "Peterson, Jon" <jon.peterson=40team.neustar@dmarc.ietf.org>
Cc: "stir@ietf.org" <stir@ietf.org>
Subject: Re: [stir] OOB for Service Providers

Thanks Jon - very interesting concept.

In order for this to work, a call originator needs to figure out which carrier's CPS to send the passport to, for a given dialed number. The draft proposes that this info can be obtained from the TNAuthList in the carriers certificate used to sign the cps advertisement. This presumes that terminating carriers are willing to actually enumerate the set of TNs they own in a certificate, and make this available to enterprises, contact centers or other entities which are going to place calls to those numbers.

I think the jury is still out on whether these certs will end up containing actual numbers and prefixes, as opposed to OCNs. Classic inbound STIR and OOB can work without number lists, whereas this draft requires the TN list in order to facilitate routing (i.e., identifying the terminating cps).

So - I think the key question is whether this routing is going to be feasible in practice or not.

Thx,
Jonathan R.

On Fri, Mar 13, 2020 at 5:04 PM Peterson, Jon <jon.peterson=40team.neustar@dmarc.ietf.org<mailto:40team.neustar@dmarc.ietf.org>> wrote:
So we'll all be sad not to meet in Vancouver this time, but given that we're scheduling a virtual meeting, I did want to give a pointer to a new draft:

https://tools.ietf.org/html/draft-peterson-stir-servprovider-oob-00<https://urldefense.com/v3/__https:/tools.ietf.org/html/draft-peterson-stir-servprovider-oob-00__;!!N14HnBHF!togNaqJ0ImDyAEHnybJt2NI9iD9WmkDtolcx1ixhHHjntQqEyZ9_BdP-tQmQiVWA-tY9eQ$>

This draft works toward a more concrete protocol implementation of out-of-band STIR, for the case where a service provider (could be a carrier, large enterprise, or an OTT service) advertises a CPS that collects PASSporTs for calls that would terminate on its network. Because it is tightly coupled to the terminating side of the call, this flavor of CPS has a different security posture than a public CPS that is necessarily decoupled from call signaling entirely.

I know there is some talk out there about "OOB SHAKEN" these days, and to be clear, this is not an "OOB SHAKEN" draft - this looks at general tools that might ultimately support efforts to deliver SHAKEN out-of-band, but it does not limit its consideration of the problem space to the way that SHAKEN currently handles certification and signing. The plan is to deliver a mechanism that is applicable to a variety of potential policies in that regard..

If folks here are interested in working on this, let's discuss it a bit, and maybe find some agenda time for it.

Jon Peterson
Neustar, Inc.

_______________________________________________
stir mailing list
stir@ietf.org<mailto:stir@ietf.org>
https://www.ietf.org/mailman/listinfo/stir<https://urldefense.com/v3/__https:/www.ietf.org/mailman/listinfo/stir__;!!N14HnBHF!togNaqJ0ImDyAEHnybJt2NI9iD9WmkDtolcx1ixhHHjntQqEyZ9_BdP-tQmQiVUVqjI_7A$>


--
Jonathan Rosenberg, Ph.D.
jdrosen@jdrosen.net<mailto:jdrosen@jdrosen.net>
http://www.jdrosen.net<https://urldefense.com/v3/__http:/www.jdrosen.net__;!!N14HnBHF!togNaqJ0ImDyAEHnybJt2NI9iD9WmkDtolcx1ixhHHjntQqEyZ9_BdP-tQmQiVVIplG86A$>
_______________________________________________ stir mailing list stir@ietf.org https://www.ietf.org/mailman/listinfo/stir<https://urldefense.com/v3/__https:/www.ietf.org/mailman/listinfo/stir__;!!N14HnBHF!togNaqJ0ImDyAEHnybJt2NI9iD9WmkDtolcx1ixhHHjntQqEyZ9_BdP-tQmQiVUVqjI_7A$>

v2.23.0 | Report a Bug | By Email